stack smashing detected in /usr/bin/clevis-encrypt-tpm2: line 133: 10496 Aborted #109

Closed
dnoliver opened this issue Jul 16, 2019 · 9 comments

@dnoliver

Similar/related to #103

Using pcr_banks instead of pcr_bank results in a stack smashing detected error

[root@fedora-server-1 ~]# clevis luks bind -d /dev/nvme0n1p1 tpm2 '{"pcr_banks":"sha1","pcr_ids":"0,1,2,3,4,5,6,7,8,9"}'

*** stack smashing detected ***: <unknown> terminated
/usr/bin/clevis-encrypt-tpm2: line 133: 10496 Aborted                 (core dumped) tpm2_createpolicy -Q -P -L "$pcr_bank":"$pcr_ids" -F $TMP/pcr.digest -f $TMP/pcr.policy
[root@fedora-server-1 ~]# rpm -qa clevis* tpm* cryptsetup* luks* libjose*

tpm2-tools-3.2.0-1.fc30.x86_64
tpm2-tss-2.2.3-1.fc30.x86_64
cryptsetup-libs-2.1.0-3.fc30.x86_64
cryptsetup-2.1.0-3.fc30.x86_64
clevis-luks-11-5.fc30.x86_64
libjose-10-4.fc30.x86_64
clevis-11-5.fc30.x86_64
luksmeta-9-2.fc29.x86_64
[root@fedora-server-1 ~]#
@sergio-correia
Collaborator

Have you tried passing pcr_bank instead? I get the same stack smashing detected error here even when passing pcr_bank.

@dnoliver
Author

Works for me with pcr_bank, and it crashes consistently when I use pcr_banks.

Do you get the same error message in line 133 of clevis-encrypt-tpm2?

/usr/bin/clevis-encrypt-tpm2: line 133: 10496 Aborted

@sergio-correia
Collaborator

Yeah, same line 133 error message in both cases, for me. Here's with pcr_bank:

clevis luks bind -d /dev/fedora/root tpm2  '{"pcr_bank":"sha1","pcr_ids":"0,1,2,3,4,5,6,7,8,9"}'
*** stack smashing detected ***: <unknown> terminated
/usr/bin/clevis-encrypt-tpm2: line 133: 10463 Aborted                 (core dumped) tpm2_createpolicy -Q -P -L "$pcr_bank":"$pcr_ids" -F $TMP/pcr.digest -f $TMP/pcr.policy

@dnoliver
Author

Changed title to reflect that it also happens with correct configuration

@dnoliver changed the title from "stack smashing detected when passing incorrect configuration" to "stack smashing detected in /usr/bin/clevis-encrypt-tpm2: line 133: 10496 Aborted" on Jul 19, 2019
@dnoliver
Author

Output from dmesg:

[root@fedora-iot demo]# clevis luks bind -d /dev/sdb1 tpm2 '{"pcr_bank":"sha256","pcr_ids":"0,1,2,3,4,5,6,7,8,9"}'

*** stack smashing detected ***: <unknown> terminated
/usr/bin/clevis-encrypt-tpm2: line 133:  3142 Aborted                 (core dumped) tpm2_createpolicy -Q -P -L "$pcr_bank":"$pcr_ids" -F $TMP/pcr.digest -f $TMP/pcr.policy

[root@fedora-iot demo]# dmesg | grep tpm
[  854.871514] tpm tpm0: tpm_transmit: tpm_recv: error -5

@dnoliver
Author

It works with an empty pin configuration, so the problem is the policy creation part.

clevis luks bind -d /dev/sdb1 tpm2 '{}'

Unfortunately, this will unlock the disk always, without any integrity protection from the TPM.

@martinezjavier
Contributor

@dnoliver @sergio-correia this seems to be a bug in the tpm2_createpolicy tool. Did you try running the tpm2-tools integration tests that use this tool? i.e:

$ git clone -b 3.X git@github.com:tpm2-software/tpm2-tools.git && cd tpm2-tools
$ export TPM2TOOLS_TCTI_NAME=device
$ export TPM2TOOLS_DEVICE_FILE=/dev/tpmrm0
$ cd test/system
$ ./test_tpm2_createpolicy.sh

You can also check with the test_tpm2_unseal.sh integration test that's very similar to what the clevis tpm2 pin does.

@dnoliver
Author

dnoliver commented Aug 2, 2019

@sergio-correia the problem was that I was trying to use more than 8 PCRs to do the sealing, which is forbidden by the TPM specification.

By using 8 PCRs or less, I do not run into this issue.

Also, there is an updated tpm2-tools package (in Fedora) that tells you that the configuration is invalid, instead of the stack smashing detected crash. More info here: tpm2-software/tpm2-tools#1632
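
A pre-flight check for the pcr_ids value, applying the 8-PCR limit reported in the comment above before the list reaches tpm2_createpolicy. This is an added example, not part of the thread and not code from clevis or tpm2-tools; the function name check_pcr_ids and the 0-23 index range are assumptions.

```shell
#!/bin/sh
# Added example: validate the pcr_ids string of a clevis tpm2 pin config.
MAX_PCRS=8        # limit reported in this thread
MAX_PCR_INDEX=23  # assumption: 24 PCRs (0-23), as on PC client TPMs

# check_pcr_ids "0,1,7"
# Returns 0 if the list is usable, 1 otherwise (reason on stderr).
check_pcr_ids() {
    ids=$1
    # Only digits separated by single commas; this also rules out glob characters.
    case $ids in
        ''|*[!0-9,]*|,*|*,|*,,*)
            echo "pcr_ids: expected comma-separated PCR numbers, got '$ids'" >&2
            return 1 ;;
    esac
    old_ifs=$IFS; IFS=,
    set -- $ids          # split on commas into $1, $2, ...
    IFS=$old_ifs
    if [ "$#" -gt "$MAX_PCRS" ]; then
        echo "pcr_ids: $# PCRs selected, at most $MAX_PCRS allowed" >&2
        return 1
    fi
    seen=,
    for id in "$@"; do
        # Length check first so oversized numbers never reach the integer test.
        if [ "${#id}" -gt 2 ] || [ "$id" -gt "$MAX_PCR_INDEX" ]; then
            echo "pcr_ids: PCR '$id' is outside 0-$MAX_PCR_INDEX" >&2
            return 1
        fi
        case $seen in
            *,"$id",*)
                echo "pcr_ids: PCR '$id' listed twice" >&2
                return 1 ;;
        esac
        seen=$seen$id,
    done
    return 0
}
```

Calling `check_pcr_ids "0,1,2,3,4,5,6,7,8,9"` (the list used in this issue) fails with a readable message, while the first eight PCRs pass.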

@dnoliver
Author

Fixed!
